summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix logic error in sshd(8) concerning the handling of failedreleng/6.1Colin Percival2008-04-173-4/+5
| | | | | | | | | | attempts to bind ports for X11 forwarding. Security: FreeBSD-SA-08:05.openssh Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=178263
* Fix sendfile(2) write-only file permission bypass.Simon L. B. Nielsen2008-02-144-4/+8
| | | | | | | | Security: FreeBSD-SA-08:03.sendfile Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=176272
* Fix date of last advisory -- January 14th, not January 18th.Colin Percival2008-01-151-1/+1
| | | | | | | Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=175372
* Fix issues which allow snooping on ptys.Colin Percival2008-01-144-24/+28
| | | | | | | | Security: FreeBSD-SA-08:01.pty Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=175334
* Correct a random value disclosure in random(4).Simon L. B. Nielsen2007-11-293-1/+5
| | | | | | | | Security: FreeBSD-SA-07:09.random Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=174075
* Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().Simon L. B. Nielsen2007-10-033-12/+15
| | | | | | | | Security: FreeBSD-SA-07:08.openssl Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=172432
* Correct buffer overflow in tcpdump(1). [SA-07:06]Simon L. B. Nielsen2007-08-016-58/+507
| | | | | | | | | | | Correct predictable query ids in named(8). [SA-07:07] Security: FreeBSD-SA-07:06.tcpdump Security: FreeBSD-SA-07:07.bind Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=171685
* Correct multiple security issues in how libarchive handles corruptColin Percival2007-07-123-37/+104
| | | | | | | | | | | tar archives, including a potentially exploitable buffer overflow. Approved by: so (cperciva) Reviewed by: kientzle Security: FreeBSD-SA-07:05.libarchive Notes: svn path=/releng/6.1/; revision=171404
* Fix buffer overflow in libmagic(3).Colin Percival2007-05-235-19/+32
| | | | | | | | Security: FreeBSD-SA-07:04.file Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=169904
* Disable processing of IPv6 type 0 Routing Headers. This behaviourColin Percival2007-04-265-2/+17
| | | | | | | | | | | can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed sysctl. Security: FreeBSD-SA-07:03.ipv6 Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=169063
* Update zoneinfo and required support files for change in DaylightSimon L. B. Nielsen2007-02-2818-593/+1128
| | | | | | | | | | | Savings Time that begins in 2007. Approved by: so (simon) Submitted by: re (kensmith) Errata: FreeBSD-EN-07:04.zoneinfo Notes: svn path=/releng/6.1/; revision=167112
* Correct problems with locking, namei leakage, and symlinkColin Percival2007-02-145-8/+53
| | | | | | | | | | | creation in the NFS subsystem. Approved by: so (cperciva) Submitted by: re (hrs) Errata: FreeBSD-EN-07:01.nfs Notes: svn path=/releng/6.1/; revision=166720
* Correct two remote denials of service in BIND involving DNSSEC andColin Percival2007-02-095-8/+81
| | | | | | | | | | recursive DNS queries respectively. Security: FreeBSD-SA-07:02.bind Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=166606
* Fix jail rc.d script privilege escalation via symlink attack againstSimon L. B. Nielsen2007-01-113-13/+119
| | | | | | | | | | /var/log/console.log and mount points. Security: FreeBSD-SA-07:01.jail Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=165943
* Correct a signedness bug which allowed members of the operatorColin Percival2006-12-063-2/+6
| | | | | | | | | | group to read kernel memory. Security: FreeBSD-SA-06:25.kmem Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=164942
* Correct multiple vulnerabilities in OpenSSH.Simon L. B. Nielsen2006-09-3016-13/+66
| | | | | | | | Security: FreeBSD-SA-06:22.openssh Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=162896
* Correct problem in the 2006-09-28 patch concerning the handling ofColin Percival2006-09-293-2/+6
| | | | | | | | | | | excessively large DH moduli. Reported by: Steve Kiernan (Juniper SIRT) Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=162788
* Correct multiple vulnerabilities in crypto(3).Colin Percival2006-09-2815-4/+102
| | | | | | | | | | | Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=162724
* Correct multiple vulnerabilities in gzip(1).Simon L. B. Nielsen2006-09-196-21/+29
| | | | | | | | Security: FreeBSD-SA-06:21.gzip Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=162447
* Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]Simon L. B. Nielsen2006-09-065-24/+55
| | | | | | | | | | | | Correct multiple denial-of-service vulnerabilities in BIND related to SIG Query Processing and Excessive Recursive Queries. [2] Security: FreeBSD-SA-06:19.openssl [1] Security: FreeBSD-SA-06:20.bind [2] Approved by: so (simon) Notes: svn path=/releng/6.1/; revision=162076
* Correct several problems in the network stack, including aColin Percival2006-08-286-11/+63
| | | | | | | | | | | locally-triggered kernel panic, inaccuracy in reported memory allocation statistics, and problems on IPv6 point-to-point links. Approved by: so (cperciva) Errata: FreeBSD-EN-06:02.net Notes: svn path=/releng/6.1/; revision=161685
* Correct buffer overflow in the handling of LCP options in ppp(4)Colin Percival2006-08-233-13/+28
| | | | | | | | Security: FreeBSD-SA-06:18.ppp Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=161557
* Fix problems in the startup scripts for jails.Colin Percival2006-07-073-91/+105
| | | | | | | | Errata: FreeBSD-EN-06:01.jail Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=160152
* Correct a bug in the handling of multipart messages by sendmail(8)Colin Percival2006-06-145-11/+39
| | | | | | | | | | | which can allow a malformed message to crash a sendmail queue processing process. Security: FreeBSD-SA-06:17.sendmail Approved by: so (cperciva) Notes: svn path=/releng/6.1/; revision=159608
* Enable inadvertantly disabled "securenet" access controls in ypserv. [1]Colin Percival2006-05-314-17/+38
| | | | | | | | | | | | Correct a bug in the handling of backslash characters in smbfs which can allow an attacker to escape from a chroot(2). [2] Approved by: so (cperciva) Security: FreeBSD-SA-06:15.ypserv [1] Security: FreeBSD-SA-06:16.smbfs [2] Notes: svn path=/releng/6.1/; revision=159118
* Fix a forgetting RELENG_6_1 pointer.release/6.1.0Scott Long2006-05-061-1/+1
| | | | | | | | Approved by: re Notes: svn path=/releng/6.1/; revision=158335 svn path=/release/6.1.0/; revision=158336; tag=release/6.1.0
* MFen 1.883.2.15.2.5 -> 1.883.2.15.2.7Xin LI2006-05-061-8/+16
| | | | | | | Approved by: re (hrs, scottl) Notes: svn path=/releng/6.1/; revision=158333
* Set all the pointers to 6.1-RELEASE.Scott Long2006-05-067-7/+11
| | | | | | | Approved by: re Notes: svn path=/releng/6.1/; revision=158330
* MFC: Cosmetic kernel print fixes.Scott Long2006-05-061-2/+4
| | | | | | | Approved by: re Notes: svn path=/releng/6.1/; revision=158329
* MFC: unbreak 'make universe'Scott Long2006-05-061-8/+0
| | | | | | | Approved by: re Notes: svn path=/releng/6.1/; revision=158328
* MFC r1.87:Ceri Davies2006-05-051-1/+1
| | | | | | | | | | | Fix binary upgrades by accounting for the schg flag on /var/empty. PR: 96711, 96780 Submitted by: Nobuyuki Koganemaru, Martin Jackson Approved by: re (scottl) Notes: svn path=/releng/6.1/; revision=158318
* New release notes:Hiroki Sato2006-05-051-0/+5
| | | | | | | | | jail_interface rc.conf variable added. Approved by: re (implicitly) Notes: svn path=/releng/6.1/; revision=158314
* New release notes:Hiroki Sato2006-05-051-6/+9
| | | | | | | | | | | rr232x(4) added, sound(4) improvements[*] Suggested by: netchild Approved by: re (implicitly) Notes: svn path=/releng/6.1/; revision=158313
* MFC:Florent Thoumie2006-05-051-4/+7
| | | | | | | | | | | | | | - If no pidfile has been created at startup, only stop processes with current jid. src/etc/rc.subr: rev 1.53 -> 1.55 PR: conf/93287 Submitted by: anders Approved by: re (scottl) Notes: svn path=/releng/6.1/; revision=158307
* MFC:Florent Thoumie2006-05-052-15/+194
| | | | | | | | | | | | | | | | | | | | | | | | - Add following global jail options, used if no jail-specific options are set: * jail_mount_enable * jail_devfs_ruleset * jail_devfs_enable * jail_fdescfs_enable * jail_procfs_enable * jail_fstab * jail_flags - Add a jail_interface / jail_<jid>_interface option. An ip alias will be created (jail_<jid>_ip) on jail_interface or jail_<jid>_interface if set. This is not a mandatory option. - Document all missing jail_* options in rc.conf(5). src/share/man/man5/rc.conf.5: rev 1.289 -> 1.290 src/etc/rc.d/jail: rev 1.26 -> 1.27 Approved by: re (scottl) Notes: svn path=/releng/6.1/; revision=158306
* MFen:Xin LI2006-05-042-21/+31
| | | | | | | | | | | relnotes/common/new.sgml: 1.883.2.15.2.3 -> 1.883.2.15.2.5 hardware/common/new.sgml: 1.282.2.10 -> 1.282.2.11 Approved by: re (scottl) Obtained from: The FreeBSD Simplified Chinese Project Notes: svn path=/releng/6.1/; revision=158291
* MFC rev 1.669. This is done only because the change has been tested for aScott Long2006-05-041-0/+3
| | | | | | | | | month, and then only because it has been heavily reviewed and recommended. Approved by: re Notes: svn path=/releng/6.1/; revision=158286
* MFC rev 1.1-1.4 of if_bcereg.hScott Long2006-05-041-4/+2
| | | | | | | Approved by: re Notes: svn path=/releng/6.1/; revision=158284
* MFC rev. 1.3: repair ext2fs writes.Maxim Konovalov2006-05-031-1/+1
| | | | | | | Approved by: re (scottl) Notes: svn path=/releng/6.1/; revision=158275
* MFC: sys/geom/raid3/g_raid3.c 1.65Pawel Jakub Dawidek2006-05-021-2/+0
| | | | | | | | | | | We shouldn't lock the topology here - we will panic on assertion inside g_raid3_bump_syncid(). Reported by: Bradley W. Dutton <brad-fbsd-stable@duttonbros.com> Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158255
* MFC: 1.37David Malone2006-05-021-8/+20
| | | | | | | | | | Stop dump reading off the end of its inode bitmaps when it finds an invalid inode number in a directory entry. Approved by: re Notes: svn path=/releng/6.1/; revision=158252
* MFC: v1.45, v1.44David Malone2006-05-021-8/+11
| | | | | | | | | | Make port 37 time work on machines with 64 bit longs. Also merge a couple of updates to comments. Approved by: re Notes: svn path=/releng/6.1/; revision=158249
* MFC 1.141: honor fixed tx antenna when sending beacon framesSam Leffler2006-05-021-1/+2
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158248
* MFC (revision 1.65)Ariff Abdullah2006-05-021-1/+2
| | | | | | | | | | Add inverted amplifier sense quirks for Sony VAIO VGN B1VP/B1XP. Reported by: Stan Behrens <s.behrens at kon.de> Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158247
* MFC queue.3 1.39 to RELENG_6_1:Ed Maste2006-05-021-1/+1
| | | | | | | | | | | | The removal of CIRCLEQ left four queue macro families, but one sentence in the man page wasn't updated. PR: docs/94938 Submitted by: Ed Schouten <ed@fxq.nl> Approved by: re Notes: svn path=/releng/6.1/; revision=158244
* Forced commit: the previous commit was "MFC rev. 1.7: fix prototypeMaxim Konovalov2006-05-010-0/+0
| | | | | | | | | for SYSCALL_MODULE(9)." Approved by: re (OK, I'm lying) Notes: svn path=/releng/6.1/; revision=158233
* MFC rev. 1.33: document SO_NOSIGPIPE.Maxim Konovalov2006-05-011-3/+3
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158231
* MFC rev. 1.33: document SO_NOSIGPIPE.Maxim Konovalov2006-05-011-1/+9
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158230
* MFC rev. 1.19 netflow.c: set to zero engine_type, engine_id andMaxim Konovalov2006-05-012-8/+17
| | | | | | | | | | | | pad (cisco calls it sampling_interval) fields in netflow v5 header. MFC rev. 1.4 netflow.h: replace disappeared URLs to Cisco docs by new ones, style. Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158228
* MFC rev. 1.59: describe what actually boot(8) -m mutes.Maxim Konovalov2006-05-011-1/+2
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/6.1/; revision=158227
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 16:58:14 +0000